www2.ekii-net.com.asfwxzs.top
35.243.79.70
Malicious Activity!
Public Scan
Effective URL: https://www2.ekii-net.com.asfwxzs.top/dist/
Submission: On October 25 via automatic, source phishtank — Scanned from JP
Summary
TLS certificate: Issued by R3 on October 23rd 2022. Valid for: 3 months.
This is the only time www2.ekii-net.com.asfwxzs.top was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: JR East (Transportation)

Domain & IP information

IP Address | AS Autonomous System | Requests
---|---|---
35.243.79.70 | 396982 (GOOGLE-CLOUD-PLATFORM) | 10

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 70.79.243.35.bc.googleusercontent.com

Apex Domain | Subdomains | Transfer | Requests
---|---|---|---
asfwxzs.top | www2.ekii-net.com.asfwxzs.top | 1 MB | 10 (1 redirect)

Domain | Requested by | Requests
---|---|---
www2.ekii-net.com.asfwxzs.top | www2.ekii-net.com.asfwxzs.top | 10 (1 redirect)
This site contains links to these domains. Also see Links.
Domain |
---|
www.eki-net.com |
secure.okbiz.okwave.jp |
www.jreast.co.jp |
my.jreast.co.jp |
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
www2.ekii-net.com.asfwxzs.top | R3 | 2022-10-23 - 2023-01-21 | 3 months | crt.sh
This page contains 1 frame:
Primary Page:
https://www2.ekii-net.com.asfwxzs.top/dist/
Frame ID: 8E42619B0B16BCCEA93655E76F45CB0C
Requests: 13 HTTP requests in this frame
Page Title
えきねっと(JR東日本)|ログイン (Ekinet (JR East) | Login)

Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www2.ekii-net.com.asfwxzs.top/ Page URL
- https://www2.ekii-net.com.asfwxzs.top/load.php Page URL
- https://www2.ekii-net.com.asfwxzs.top/dist HTTP 301 -> https://www2.ekii-net.com.asfwxzs.top/dist/ Page URL
Detected technologies
Vue.js (JavaScript Frameworks)
Detected patterns
- <[^>]+\sdata-v(?:ue)?-
Page Statistics
25 Outgoing links
These are links going to different origins than the main page.
- JRきっぷ申込/空席案内 (JR ticket application / seat availability)
- のってたのしい列車(観光列車)の申込 (Application for sightseeing trains)
- おトクなきっぷの申込 (Application for discount tickets)
- JRきっぷ申込とは (What is JR ticket application)
- えきねっとトクだ値 (Ekinet Tokudane discount fares)
- 新幹線eチケットサービス (Shinkansen e-ticket service)
- えきねっとチケットレスサービス (Ekinet ticketless service)
- JRきっぷ申込 ご利用ガイド (JR ticket application user guide)
- JRツアー (JR Tours)
- 駅レンタカー (Station rent-a-car)
- 便利な使い方 (Convenient ways to use the service)
- ポイント (Points)
- お問い合わせ (Contact)
- よくある質問 (Frequently asked questions)
- (untitled link)
- えきねっとユーザーIDを忘れた (Forgot Ekinet user ID)
- パスワードを忘れた (Forgot password)
- My JR-EASTのID・パスワードをお忘れの場合(My JR-EASTサイトへ) (If you forgot your My JR-EAST ID or password (to the My JR-EAST site))
- メールマガジンのご案内 (Newsletter information)
- サービス提供時間 (Service hours)
- ご利用にあたって (Before using the service)
- えきねっと利用に関する規約 (Ekinet terms of use)
- 個人情報の取扱いに関する基本方針 (Basic policy on handling personal information)
- サイトマップ (Site map)
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions (13 requests including data: URIs)

Method | Protocol | Resource Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---
GET | H2 | www2.ekii-net.com.asfwxzs.top/ | 339 B | 483 B | Document | text/html
POST | H2 | www2.ekii-net.com.asfwxzs.top/load.php | 66 B | 327 B | Document | text/html
GET | H2 | www2.ekii-net.com.asfwxzs.top/dist/ (Primary Request, Redirect Chain) | 975 B | 1 KB | Document | text/html
GET | H2 | www2.ekii-net.com.asfwxzs.top/dist/assets/index.7ae5661b.js | 372 KB | 130 KB | Script | application/javascript
GET | H2 | www2.ekii-net.com.asfwxzs.top/dist/assets/index.002af54a.css | 252 KB | 41 KB | Stylesheet | text/css
GET | H2 | www2.ekii-net.com.asfwxzs.top/api/checktoken.php | 13 B | 245 B | XHR | text/html
GET | H2 | www2.ekii-net.com.asfwxzs.top/dist/assets/logo_ekinet.3f7c549c.png | 7 KB | 8 KB | Image | image/png
GET | DATA | truncated | 3 KB | 0 | Image | image/png
GET | DATA | truncated | 3 KB | 0 | Image | image/png
GET | DATA | truncated | 166 B | 0 | Image | image/png
GET | H2 | www2.ekii-net.com.asfwxzs.top/dist/assets/notosanscjkjp-regular_subset.434379a9.woff | 1 MB | 1 MB | Font | font/woff
GET | DATA | truncated | 548 B | 548 B | Font | font/woff
POST | H2 | www2.ekii-net.com.asfwxzs.top/api/api.php | 13 B | 334 B | XHR | text/html
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: JR East (Transportation)

9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- onbeforeinput (object)
- oncontextlost (object)
- oncontextrestored (object)
- structuredClone (function)
- launchQueue (object)
- onbeforematch (object)
- getScreenDetails (function)
- queryLocalFonts (function)
- navigation (object)

2 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values back, allowing the website to re-identify the user even from a different location. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
www2.ekii-net.com.asfwxzs.top/ | | PHPSESSID | pb3qf1jb94lpkf5qmirflo4i2o
www2.ekii-net.com.asfwxzs.top/ | | token | 687e44122104ecefaaa946cdb89e0e26
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
www2.ekii-net.com.asfwxzs.top
35.243.79.70